This isn’t the first time that malware and adware will infect Android devices. There have been several reports that malicious hackers uses some Google Play store apps to infect Android devices for their own monetary gains. And this has prompted Google to take down those apps from its Play Store. Google has detected another malicious code that has affected most Android devices before they are been shipped to their various destinations.
Recently, in a well explanatory blog post, Google elaborated how these hackers infected Android devices with Tirada. Tirada is designed to display spam and ads on some devices which are hard to detect. The hackers infected Android devices with Tirada during the manufacturing process through a third party.
According to the post by Google, it is believed that OEMs initiated the inclusion of some features such as the face unlock feature which are not a part of the Android Open Source Project. Additionally, OEM is likely to partner with any third party that can assist it in developing its choice of features and then transfer to the vendor the system image for its development.
However, the moment the Tirada Trojan gets installed on a device, it requests for certain details about the device, and afterwards send these details to the control server. It is difficult to detect Tirada reason been that it changes the Android Zygote process and the templates that Google uses on its Android operating system.
The moment Tirada enters the template, it becomes a part of the device. It is well hidden in the device in such a way that it can’t be detected for a very long time. When the malware was first detected in 2016, Google was able to take it down but now, these malicious hackers have upgraded it and released a higher version of it in the year 2017. The one alternative way to protect ones device is to ensure clean Android firmware is installed.
Tirada Trojan is real and has been infecting several Android devices for the past years. The list of infected devices are not yet known, but Tirada has been found on several Android devices.